On 17 July 2019 the General Inspector of Financial Information (GIIF) published Poland’s first AML/CFT National Risk Assessment. This document of nearly 450 pages was prepared pursuant to the new Anti Money Laundering and Counter Financing of Terrorism Act, which introduced regulations requiring GIIF to prepare a national assessment and update it periodically.
Last year I proposed that Poland should take a broader approach to the issue of regulatory sandboxes, not merely copying solutions adopted in other countries. Now we see the first steps towards creation of multi-sectoral (not exclusively financial) regulatory sandboxes.
The trend started by the Financial Conduct Authority in the UK of creating regulatory sandboxes for the financial sector has spread around the world, including Poland. Although many voices from major jurisdictions, such as the United States and Germany, are skeptical, this solution undoubtedly has its advantages. Market participants usually rate this concept very highly, even if in reality the sandbox does not deliver immediate regulatory benefits (for example, it does not enable limited operation of regulated activity without a licence, which would be difficult in EU member states due to the harmonised regulatory regime).
Financial technology (FinTech) has been one of the hottest technology areas for several years. It has attracted much attention in Poland as well, particularly due to the successes to date of local FinTech start-ups.
This topic picked up additional steam when a financial innovation working group was appointed at the Polish Financial Supervision Authority (KNF), and then the FinTech Department was opened at the KNF Office. With its Innovation Hub programme, the department has contributed to creation of a positive atmosphere around FinTech in Poland.
The EU reform of the payment services sector is now entering the last straightaway. One of the key changes launched by adoption of the revised Payment Services Directive (PSD2) was introduction of new types of payment services which require access to the user’s payment account using a type of interface defined in the regulations. The duties connected with such access rest on the providers operating the accounts, which have a choice between creating a dedicated “application programming interface” (API) or upgrading their existing user interface system. Both solutions are to a certain extent linked with the earlier known and controversial method of screen scraping.
What is screen scraping?
Screen scraping is automated harvesting by a computer program of data presented in visual form, usually not adapted for machine reading. The data obtained in this way may derive from various sources, such as websites displayed by a browser, computer programs, or mobile applications.
Regulatory sandboxes usually focus on financial regulations. However, these are not the only obstacle holding back innovative fintech start-ups. More extensive sandbox solutions that also cover data protection issues could make Poland a pioneer on the attractive global market supporting fintech.
New applications for blockchain, such as decentralised exchanges and unique tokens, bring new legal challenges. But sometimes even well-known uses of this technology present interesting legal issues never raised before or for some reason overlooked in the legal debate.
Undoubtedly cryptocurrencies and other crypto assets will not remain outside the legal system for long. Although they cannot be directly tied to many existing regulatory regimes, as we discussed in 2014 in our virtual currencies report, this does not mean that activity involving crypto assets will never be regulated. This is evident from the example of blockchain tokens, which in certain situations may be regarded as financial instruments.